NOTICE FOR APPLICANTS FOR EMPLOYMENT PURSUANT TO THE LEGISLATION ON THE PROTECTION OF PERSONAL DATA
1.Treatment of personal data
Pursuant to articles 13 and 14 of the Regulation (EU) 2016/679 regarding the protection of personal data (“GDPR“), we inform you that Itinera S.p.A. (the “Company” or the “Data Controller“), as the data controller, processes your personal data, provided by you and also acquired from third-party sources, on the occasion of selection procedures initiated by the Company.
2.Purpose of this information document
This information allows you to know the nature of your personal data and object of treatment, the purposes and methods of treatment, any recipients of the same as well as the rights that are recognized.
3.Purpose of use of the data
Your personal data are used for selection procedures, in particular, to verify the conditions for hiring and / or starting a collaboration and to follow up on your application.
4.Personal data subject to processing
In particular, the personal data at issue concern: Name, address or other elements of personal identification, data relating to work, social security data, the curriculum of studies and work.
On a possible and exceptional basis, as in the case in which by reason of the establishment of a working relationship it becomes known that the interested party belongs to the protected categories, other personal data may be acquired which, according to the terminology of the law, fall into the category of “sensitive” data, such as those suitable for revealing the racial and ethnic origin, religious, philosophical or other beliefs, political opinions, membership of parties, trade unions, associations or organizations of a religious, philosophical, political or trade union; as well as personal data suitable for revealing the state of health and sexual life.
5.Nature of the conferment
The provision of data is optional and is left to the will of the candidate who, without any solicitation from the Owner, presents his curriculum vitae. About the data subsequently and possibly requested by the Data Controller, failure to provide it makes it impossible to proceed with the verification of the conditions for the selection procedures, the recruitment and / or for the start of the collaboration and, therefore, to any establishment of the relationship with the Data Controller.
6.How to use the data
Personal data can be processed, as well as by electronic means, also with non-automated tools, and the processing is carried out only with operations, as well as with logic and through forms of organization of data strictly indispensable in relation to the aforementioned obligations, tasks or purposes.
7.Circulation of data
The data may be used by the Data Controller’s staff who have been assigned a specific role and who have been given adequate operating instructions in order to avoid loss, destruction, unauthorized access or unauthorized processing of the data. Your personal data will be made accessible only to those who, within the company organization, need it due to their duties or hierarchical position.
The data may also be used by third parties who carry out instrumental activities on behalf of the Data Controller, the latter acting as external data processors and under the direction and control of the Data Controller. The updated list of data processors is available by submitting a request to firstname.lastname@example.org .
8.No communication or dissemination of data
Your personal data will not be disclosed to third parties, nor will it be disseminated to indeterminate subjects.
9.Transfer of data abroad
Your personal data may be transferred abroad to countries belonging to the European Union and to third countries, in this case with the adoption of adequate safeguards aimed at ensuring data protection and the security of transfers. Further information can be requested by writing to email@example.com .
10.Data retention times
The data will be kept for the time necessary for the formalities required for the selection of the candidate and in any case no later than 5 (five) years from their collection, except for the possible establishment of the employment and / or collaboration relationship.
11.No need for consent
Your consent to the processing is not necessary as the processing concerns data contained in the curricula, spontaneously transmitted by the interested parties for the purpose of establishing an employment / collaboration relationship.
12.Holder of the treatment
The data controller is Itinera S.p.A., with registered office in Via M. Balustra, 15 – 15057 Tortona (AL) – Italy, tax code and VAT number 01668980061.
13.Data Protection Officer
The Company employs a person responsible for the protection of personal data (also known as “Data Protection Officer” or “DPO”). The DPO can be contacted through the following communication channel: firstname.lastname@example.org .
14.Exercise of rights
At any time, you can have full clarity on the operations we have reported and, in particular, obtain the cancellation, transformation into anonymous form and blocking of data processed in violation of the law, request updating or rectification or integration, oppose their use, and exercise the other rights provided by law. For this purpose, you can contact email@example.com .
We also remind you that you also have the right to lodge a complaint with the Guarantor Authority for the protection of personal data if you believe that your rights have not been respected or that you have not received a response under the law.
24 May 2018
NOTICE FOR EMPLOYEES/COLLABORATORS OF THE SUPPLIERS
ACCORDING TO THE REGULATION ON THE PROTECTION OF PERSONAL DATA
ITINERA S.p.A. (the “Company“) is carrying out preliminary operations for the selection of potential suppliers, including your company (the “Supplier“), for the provision of works/services/supplies/professional services (collectively the “Services“) and, for the above purpose, it needs to acquire some information about the Supplier and its organization (including information on its employees and collaborators) qualifiable as “personal data” in accordance with Regulation (EU) 2016/679 on the protection of personal data (the “GDPR“).
1.1 Please note that, according to the GDPR, (i) “controller” means the person or legal entity which determines purposes, methods and means of the processing of personal data, including the security profile; (ii) “data subject” means the natural person to whom the personal data belong, thus excluding the legal entity.
1.2 In relation to personal data of Supplier’s employees and collaborators processed by the Company for the management of the relationship with the Supplier, the Company qualifies as the controller for processing of such data (hereinafter, the Company is also referred to as the “Controller”).
1.3 It is the Controller’s duty to inform, in advance, the data subject and the subject with whom the personal data are collected about the processing of personal data.
1.4 In case of relationships amongst legal entities, the information to any data subject involved in the relevant processing – when they work for or perform professional activities in favour of or collaborate with the Supplier and the data of whom can be communicated, known and / or processed by the Controller in execution and in the performance of the main relationship – is released by the Controller through the Supplier itself.
1.5 With this information, the Company, in its role as Controller, informs the data subjects about the purposes and methods of the processing of personal data collected, the scope of their communication and dissemination, as well as the reason of their communication.
1.6 The Supplier undertakes to guarantee to the data subject full knowledgeability of this information.
The Company processes personal data of the data subjects in order to:
iii. use and manage the Services, as well as for purposes strictly related to those indicated above.
Identification and contact data, as well as different data relating to employees and/or collaborators of the Supplier and / or individuals who hold positions and roles within the organization of the Supplier, with whom the Company is in contact for the purposes indicated in the previous Paragraph 2 (Purpose of the processing of personal data) are subject to processing.
Furthermore, in the cases provided for by paragraph 2, sub II, judicial data and data concerning relatives of the data subjects may be processed.
Personal data are processed both by electronic and by non-automated means.
Data may be used by the Company’s personnel to whom a specific role has been assigned and to whom adequate operating instructions have been given, as well as by third parties carrying out ancillary activities on behalf of the Controller, the latter acting as external processors, acting under the Controller’s direction and control. The updated list of processors is available by submitting a request to firstname.lastname@example.org.
Furthermore, the data may also be disclosed (i) to other companies of the Group with which specific agreements exist, for shared processing purposes, for administrative and accounting purposes and by the latter used for the same purposes; to public bodies for the fulfilment of legal requirements, as well as (ii) to third parties and companies, such as banks, credit institutions and companies closely linked to the collection of credit; to legal and specific consultants, auditors; credit recovery consultants, administration and contractual advisors. The indicated third parties will act as autonomous data controllers. The updated list of the aforesaid recipients and the categories of data recipients can be obtained by writing to email@example.com .
Personal data are not disclosed to undetermined recipients.
Personal Data of the data subjects may be transferred abroad to countries belonging to the European Union and to third Countries, in this case with the adoption of adequate security measures apt at ensuring data protection and security of transfers. Further information can be provided by writing to: firstname.lastname@example.org .
The data will be kept for the duration of the entire contractual relationship and, in any case, for a period not exceeding 10 (ten) years from finalisation thereof or from the date of registration in the Suppliers Register, without prejudice to the statute of limitations and legal deadlines in respect of the consequent rights and in compliance with the consequent obligations.
The Controller is Itinera S.p.A., with registered office in Via M. Balustra, 15 – 15057 Tortona (AL) – Italy, fiscal code and VAT number 01668980061.
The Company has appointed a Data protection officer (the “DPO”). The DPO can b contacted via the following communication channel: email@example.com .
At any time, the data subjects can have full knowledge of the above-mentioned processing operations and, in particular, obtain the cancellation, anonymization and blocking of data unlawfully processed, request their update or correction or integration, challenge their use and exercise the other rights set forth by law. For this purpose, please contact firstname.lastname@example.org .
Moreover, we remind you that the data subjects also have the right to submit a claim to the Data Protection Authority should they deem that their rights have not been respected or that they have not received a reply according to law.
24th May 2018
NOTICE TO CORPORATE OFFICERS AND ATTORNEYS IN ACCORDANCE WITH DATA PROTECTION LAW
In accordance with EU Regulation 2016/679 on the personal data protection (the “GDPR“), effective from 25 May 2018, we inform you that ITINERA (the “Company” or the “Data Controller“), in the capacity of data controller, processes the personal data you provide us following your acceptance of the office of Director / Statutory Auditor / Member of the Supervisory Body pursuant to Legislative Decree 231/01 or your appointment as Attorney of society.
This information allows you to know the nature of your personal data and object of treatment, the purposes and methods of treatment, any recipients as well as the rights that are recognized. Also, in consideration of the future changes that may occur on the applicable legislation on personal data, the Company may integrate and / or update, in whole or in part, this information on the Company’s website (https: //www.itinera- spa.it/privacy/).
The personal data being processed are: name, address or other elements of personal identification of you and your family members or data relating to work, social security data, the curriculum of studies and work as well as, where necessary, the details of the bank account, Its relevance (so-called “common data”). The personal data you provide to us and possibly collected by us from other sources may also be of a sensitive or judicial nature, such as those required for the purpose of submitting offers or even in order to manage, where the conditions exist, any professional insurance policies. in the name of the company of which you are the beneficiary.
In any case, the Company may find it necessary to request personal data other than those falling within the above category and to submit them to processing operations and to communicate them to the recipient bodies indicated in the following Paragraph 7 (Circulation of data), if the provision is:
in the latter case, only the essential data for the indicated purpose will be requested or collected by third parties and will be transmitted to the subjects specified above to allow the relationship in place to be fully implemented.
The provision of your personal data is optional, but it is necessary and / or mandatory for the management of the professional relationship that binds you to the Company and to fulfil regulatory obligations. Failure, partial or incorrect communication of your personal data may result in the inability to execute the aforementioned relationship.
Your data are used not only by electronic means but also by paper means.
7.3 The third parties may also be established abroad, in EU or non-EU countries. In the latter case, the transfer of data is carried out by virtue of the existence of a decision by the European Commission on the adequacy of the level of data protection of the non-EU country or on the basis of the appropriate and appropriate guarantees provided for by Articles 46 or 47 of the GDPR (eg signing of the “standard clauses” of data protection adopted by the European Commission) or the additional conditions of legitimacy for the transfer provided for by art. 49 of the GDPR. For more information on the possible transfer of your personal data outside the European Union, you can write to email@example.com.
Your personal data are not disclosed to undetermined recipients.
The consent to the processing of the aforementioned data is not necessary as their use is a function of the execution of the relationship of which you are a part.
The data controller is Itinera S.p.A., with registered office in Via M. Balustra, 15 – 15057 Tortona (AL) – Italy, tax code and VAT number 01668980061.
Itinera makes use of a responsible for the protection of personal data (also known as “Data Protection Officer” or “DPO”). The DPO can be contacted at the following email address firstname.lastname@example.org
Upon the fulfillment of the conditions and within the limits of the applicable legislation, you may exercise the following rights in relation to the processing of your personal data: (i) the right to access personal data and information on the related processing; (ii) right of rectification if personal data are inaccurate or incomplete; (iii) the right to obtain the cancellation of personal data; (iv) right to object to the processing of personal data; (v) right to limit the processing of personal data; (vi) the right to obtain the transfer of personal data to other companies or organizations and / or to receive personal data in a structured format, commonly used and readable by an automatic device. The aforementioned rights may be exercised by contacting email@example.com.
If you find any irregularities in the processing of your personal data, you can lodge a complaint with the Guarantor for the protection of personal data, in the manner indicated on the website of the Guarantor (www.garanteprivacy.it).
Late update: 10/05/2021